“Kick it!”: Sberbank employees has access to the customer card without any documents

The client Sberbank was unpleasantly surprised when in the change rooms for the mobile Bank had not asked no I. D., no name.

Old phone number the client has locked, so when changing rooms for mobile Bank he needed the assistance of an employee of the savings Bank. However, the client was shocked that the employee subscribes to the service to the new number, even asking for a passport or last number of the mobile Bank. Thus, the hero of the story assumes that the conditional attacker, having the card and knowing the pin code from it, will be able to connect a mobile Bank and to transfer all the money available on the card itself on another card. Thus, the client expresses doubts about the safety of working processes of the savings Bank.

However, commentators of the story, I think that the attackers did not succeed in this way to connect a mobile Bank. First, what the scammer will want to go to a Bank and show his face at all the cameras. Second, when you first receive the card, the Bank already has scanned passport of the client, so the monitor could affect a photo as part of identification.

In addition to the first problem, the client complains of very Intrusive promotion of new services in green Bank – namely biometric identification. According to the client, the same employee offered to connect him very strongly, four times in one visit. Such persistence are unhappy and other users in the network.

That will soon be introduced biometric identification, it became known last year. Even then, critics questioned the safety of such innovations. They obviously would facilitate the work of fraudsters. After all, in order to withdraw money from the cards, not even we would have to go to the branch of the Bank – enough to change voice using widely available programs, and also to make a special mask. Moreover, experts believe that the mask would not be required at all face – it would be enough area around the eyes. Anyway, this would significantly reduce the risk of being exposed of fraud. To withdraw funds from the card so it is possible and remotely, without fearing that you will literally be caught by hand. And if the Bank to avoid any fraud attempts to tighten control over the convergence of bioparameters, and the honest user of the card will have much more time will be spent in front of a camera lens and a microphone – after all, the system will “doubt” even with the original owner.